nRF Connect SDK v2.6.1 - https_client works for example.com but not other hosts such as google.com

With nRF7002DK and TF-M (nrf7002dk_nrf5340_cpuapp_ns.conf) configuration, the sample project works for example.com:

*** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
HTTPS client sample started
Bringing network interface up
Provisioning certificate
Connecting to the network
[00:00:04.949,981] <inf> wifi_mgmt_ext: Connection requested
[00:00:09.183,044] <inf> net_dhcpv4: Received: 192.168.101.16
Network connectivity established and IP address assigned
Looking up example.com
Resolved 93.184.215.14 (AF_INET)
Connecting to example.com:443
Sent 61 bytes
Received 377 bytes

> HTTP/1.1 200 OK

Finished, closing socket.
Network connectivity lost
Disconnected from the network

However, replace the host with google.com and its associated CA:

[00:00:45.647,186] <inf> wifi_mgmt_ext: Connection requested
[00:00:49.878,845] <inf> net_dhcpv4: Received: 192.168.101.16
Network connectivity established and IP address assigned
Looking up google.com
Resolved 142.250.191.206 (AF_INET)
Connecting to google.com:443
connect() failed, err (22): Invalid argument
Network connectivity lost
Disconnected from the network

  • Added the following configuration items:

    CONFIG_NET_SOCKETS_TLS_SET_MAX_FRAGMENT_LENGTH=n

    CONFIG_PSA_WANT_ECC_SECP_R1_256=y
    CONFIG_PSA_WANT_ECC_MONTGOMERY_255=y

    The end results are the same:

    Resolved 104.17.254.182 (AF_INET)
    Connecting to www.auth0.com:443
    [00:00:06.689,453] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3242: handshake message: msglen = 91, type = 2, hslen = 91
    [00:00:06.693,695] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3242: handshake message: msglen = 3479, type = 11, hslen = 3479
    [00:00:06.697,784] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7192: mbedtls_x509_crt_parse_der() returned -14848 (-0x3a00)
    connect() failed, err (113): Software caused connection abort
    Network connectivity lost
    Disconnected from the network

    Do you have different responses?
  • Hi and sorry for the delay

    Have you made any progress on your side? I will try to create a setup so that I can connect to www.auth0.com.
    From the feedback we have gotten from both the crypto team and the wifi team, it looks like you could also try setting

    CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=16384
    CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=16384

    As long as MBEDTLS_SSL_IN/OUT_CONTENT_LEN is large enough to hold a larger fragment, mbed TLS will still be able to process the records, regardless of the `CONFIG_NET_SOCKETS_TLS_SET_MAX_FRAGMENT_LENGTH` value. What CONFIG_NET_SOCKETS_TLS_SET_MAX_FRAGMENT_LENGTH controls is whether the Zephyr client uses the max_fragment_length extension during the handshake to indicate the maximum supported fragment length (which is calculated based on MBEDTLS_SSL_IN/OUT_CONTENT_LEN).

    Regards

    Runar

  • How did you resolve that 113 issue?
    I'm stuck on the same issue.

  • If the response message is larger than 4k, try the configurations suggested below in the next thread.
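
Added example (not part of the thread and not Nordic's or Zephyr's code): a Python triage of the mbed TLS log lines posted above, which sizes each handshake message against a chosen `CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN` value and names the error code returned by the certificate parser. The function name `triage`, the simplified "whole handshake message must fit in the input buffer" check, and the one-entry error table (value taken from mbed TLS `pk.h`) are assumptions of this example.

```python
import re

# Log lines copied from the www.auth0.com attempt posted in this thread.
THREAD_LOG = """\
[00:00:06.689,453] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3242: handshake message: msglen = 91, type = 2, hslen = 91
[00:00:06.693,695] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_msg.c:3242: handshake message: msglen = 3479, type = 11, hslen = 3479
[00:00:06.697,784] <err> mbedtls: WEST_TOPDIR/modules/crypto/mbedtls/library/ssl_tls.c:7192: mbedtls_x509_crt_parse_der() returned -14848 (-0x3a00)
"""

# TLS handshake message types (standard TLS numbering).
HS_TYPES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
            12: "ServerKeyExchange", 14: "ServerHelloDone", 20: "Finished"}
# Only the code seen in this thread; value as defined in mbedtls/pk.h.
MBEDTLS_ERRORS = {-0x3A00: "MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE"}

HS_RE = re.compile(r"handshake message: msglen = (\d+), type = (\d+), hslen = (\d+)")
RET_RE = re.compile(r"(\w+)\(\) returned (-?\d+) \((-?0x[0-9a-fA-F]+)\)")


def triage(log, in_content_len):
    """Return (handshake_messages, failures) parsed from an mbed TLS debug log.

    in_content_len stands for CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN (assumption:
    a handshake message must fit in that buffer to be processed).
    """
    messages, failures = [], []
    for line in log.splitlines():
        m = HS_RE.search(line)
        if m:
            _msglen, hs_type, hslen = map(int, m.groups())
            messages.append({"type": HS_TYPES.get(hs_type, f"type {hs_type}"),
                             "hslen": hslen,
                             "fits": hslen <= in_content_len})
            continue
        m = RET_RE.search(line)
        if m and int(m.group(2)) < 0:
            code = int(m.group(2))
            failures.append({"function": m.group(1), "code": code,
                             "hex": f"-0x{-code:04x}",
                             "name": MBEDTLS_ERRORS.get(code, "unknown")})
    return messages, failures


if __name__ == "__main__":
    for limit in (4096, 16384):
        print(limit, *triage(THREAD_LOG, limit), sep="\n  ")
```

For the posted log, the 3479-byte Certificate message fits under both 4096 and 16384, and the reported failure decodes to an elliptic-curve support error in the public-key parser rather than a buffer-size error.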
